Changeset - 3bd270c9e860
Branko Majic (branko) - 7 years ago 2016-11-26 21:47:16
branko@majic.rs
MAR-78: Implement ability to specify local mail aliases in the mail_server role.
5 files changed with 31 insertions and 1 deletions:
docs/rolereference.rst
 
@@ -842,6 +842,7 @@ The role implements the following:
 
* Deploys IMAP/SMTP TLS private keys and certificates.
 
* Installs and configures Dovecot, Postfix, ClamAV, and ClamAV Milter.
 
* Purges Exim4 configuration (just in case).
 
* Sets-up aliases for the local recipients.
 
* Installs SWAKS (utility for testing SMTP servers).
 
* Sets-up the necessary directories and files under Postfix chroot.
 
* Configures firewall to allow incoming connections to the mail server. This
 
@@ -970,6 +971,13 @@ Parameters
 
  Private key used for TLS for IMAP service. The file will be stored in
 
  directory ``/etc/ssl/private/`` under name ``{{ ansible_fqdn }}_imap.key``.
 

	
 
**local_mail_aliases** (dictionary, optional, ``[]``)
 
  Dictionary defining the local aliases. Aliases defined this way will either be
 
  appended to default aliases on the server, or replace the existing entries (if
 
  the alias/recipient is already present). Keys in the dictionary are the local
 
  recipients/aliases, while the value provided should be a space-separated list
 
  of mail addresses (or local users) where the mails should be forwarded.
 

	
 
**smtp_tls_certificate** (string, optional, ``{{ lookup('file', tls_certificate_dir + '/' ansible_fqdn + '_smtp.pem') }}``)
 
  X.509 certificate used for TLS for SMTP service. The file will be stored in
 
  directory ``/etc/ssl/certs/`` under name ``{{ ansible_fqdn }}_smtp.pem``.
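Review bot: the new **local_mail_aliases** entry declares the type as dictionary but gives the default as ``[]``, which is an empty list; document the default as ``{}`` so type and default agree. The description should also say that each value is written as-is to the right-hand side of an ``/etc/aliases`` entry, so readers know the variable has to come from trusted inventory and that anything the aliases format accepts as a target will be honoured.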
 
@@ -1015,6 +1023,11 @@ Here is an example configuration for setting-up XMPP server using Prosody:
 
  mail_user_uid: 5000
 
  mail_user_gid: 5000
 

	
 
  # All mails sent to local user root will be forwarded to external account as
 
  # well.
 
  local_mail_aliases:
 
    root: "root john.doe@example.com"
 

	
 
  imap_tls_certificate: "{{ lookup('file', '~/tls/mail.example.com_imap.pem') }}"
 
  imap_tls_key: "{{ lookup('file', '~/tls/mail.example.com_imap.key') }}"
 
  smtp_tls_certificate: "{{ lookup('file', '~/tls/mail.example.com_smtp.pem') }}"
roles/mail_server/defaults/main.yml
 
@@ -10,4 +10,5 @@ smtp_tls_key: "{{ lookup('file', tls_private_key_dir + '/' + ansible_fqdn + '_sm
 
imap_folder_separator: "/"
 
smtp_rbl: []
 
mail_postmaster: "postmaster@{{ ansible_domain }}"
 
smtp_allow_relay_from: []
 
\ No newline at end of file
 
smtp_allow_relay_from: []
 
local_mail_aliases: []
 
\ No newline at end of file
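Review bot: `local_mail_aliases: []` on the added last line defaults the variable to an empty list, while the documentation calls it a dictionary and the task consumes it with `with_dict`; use `local_mail_aliases: {}` so the default has the type the task expects. The file still ends without a trailing newline after this change, so add one while the last line is being touched.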
roles/mail_server/handlers/main.yml
 
@@ -8,3 +8,6 @@
 

	
 
- name: Restart ClamAV Milter
 
  service: name="clamav-milter" state=restarted
 

	
 
- name: Rebuild mail aliases
 
  command: /usr/bin/newaliases
roles/mail_server/tasks/main.yml
 
@@ -95,6 +95,16 @@
 
  notify:
 
    - Restart Postfix
 

	
 
- name: Set-up local mail aliases
 
  lineinfile:
 
    dest: "/etc/aliases"
 
    line: "{{ item.key }}: {{ item.value }}"
 
    regexp: "^{{ item.key }}"
 
    state: present
 
  with_dict: "{{ local_mail_aliases }}"
 
  notify:
 
    - Rebuild mail aliases
 

	
 
- name: Create mail owner group
 
  group: name="{{ mail_user }}" gid="{{ mail_user_gid | default(omit) }}" state=present
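Review bot: `regexp: "^{{ item.key }}"` in the new "Set-up local mail aliases" task is an unescaped prefix match, so the key `root` also matches an existing line for a longer alias such as `rootmail:`, and lineinfile replaces the last matching line, which can silently overwrite a different alias. Anchor on the separator and escape the key, for example `regexp: "^{{ item.key | regex_escape }}:"`. Separately, `item.value` goes into `/etc/aliases` verbatim, and that file accepts `|command`, file path and `:include:` targets in addition to addresses, so either validate the values or state that the dictionary must only be set from trusted inventory.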
 

	
testsite/group_vars/mail.yml
 
@@ -10,6 +10,9 @@ mail_user: vmail
 
mail_user_uid: 5000
 
mail_user_gid: 5000
 

	
 
local_mail_aliases:
 
  root: "root john.doe@{{ testsite_domain }}"
 

	
 
imap_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.pem') }}"
 
imap_tls_key: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_imap.key') }}"
 
smtp_tls_certificate: "{{ lookup('file', inventory_dir + '/tls/mail.' + testsite_domain + '_smtp.pem') }}"